On Tue, 2012-02-07 at 01:50 -0800, Clint Byrum wrote: > I'm writing to the greater Debian and Ubuntu community to ask for your > thoughts on a proposal to drop MySQL in favor of MariaDB. Its clear to > me that Oracle is not going to do work in the open, and this will become > a huge support burden for Linux distributions. The recent CVE's had to > be hunted down and investigated at great difficulty to several people, > since the KB articles referenced and the internal Oracle bug numbers > referenced were not available. > > This will only get harder as the community bug tracker gets further out > of sync with the private one.
As a member of the security team, I think Oracle's move to a private bug tracker and not publishing details on the security issues is a disaster for Linux distributions attempting to maintain MySQL. I would support moving to a project that still does development in the open and is not actively trying to hide details of security issues. Marc. _______________________________________________ Mailing list: https://launchpad.net/~maria-discuss Post to : maria-discuss@lists.launchpad.net Unsubscribe : https://launchpad.net/~maria-discuss More help : https://help.launchpad.net/ListHelp
